| 1 | <?php |
|---|
| 2 | // Load the WordPress Environment |
|---|
| 3 | // define( 'WP_DEBUG', true ); /* uncomment for debug mode */ |
|---|
| 4 | |
|---|
| 5 | |
|---|
| 6 | require('./wp-load.php'); |
|---|
| 7 | |
|---|
| 8 | |
|---|
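/**
 * Don't load all of WordPress when handling a favicon.ico request.
 *
 * Instead, send the headers for a zero-length favicon and bail.
 *
 * The extension is taken from the path component of the current request URI
 * (the query string is ignored). Requests for anything other than an .ico
 * file return immediately, so calling this function never terminates an
 * unrelated request. For .ico requests the decision is delegated to
 * wp_is_bad_request(), which means the 'wp_is_bad_request_extensions' and
 * 'wp_is_bad_request' filters can still veto the short-circuit.
 *
 * @since 3.0.0
 *
 * @return void Does not return when the favicon short-circuit fires (calls exit).
 */
function wp_favicon_request_x() {
    // REQUEST_URI is client-controlled: use it only to derive the extension.
    $uri  = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
    $path = is_string($uri) ? parse_url($uri, PHP_URL_PATH) : null;
    $ext  = is_string($path) ? strtolower(pathinfo($path, PATHINFO_EXTENSION)) : '';

    // Previously the literal 'ico' was checked regardless of what was requested,
    // so the function exited on every request whenever 'ico' was in the list.
    if ('ico' !== $ext) {
        return;
    }

    if (wp_is_bad_request($ext)) {
        header('Content-Type: image/vnd.microsoft.icon');
        // The "zero-length" part of the contract: tell the client no body follows.
        header('Content-Length: 0');
        exit;
    }
}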
|---|
| 23 | |
|---|
| 24 | |
|---|
| 25 | |
|---|
// Hook the callback below into the extension list used by wp_is_bad_request(),
// so the audio entries it removes are no longer classified as junk requests.
add_filter( 'wp_is_bad_request_extensions', 'rdp_mime_types_filter' );
|---|
/**
 * Filter callback that drops a fixed set of audio entries from an
 * extension-keyed list.
 *
 * Keys are matched literally, including the pipe-separated form
 * (e.g. 'ra|ram'); a key that is not present is simply ignored.
 *
 * @param array $mimes List keyed by extension or pipe-separated extensions.
 * @return array The list without the audio entries named below.
 */
function rdp_mime_types_filter($mimes) {
    $audioKeys = array(
        'mp3|m4a|m4b',
        'ra|ram',
        'wav',
        'ogg|oga',
        'mid|midi',
        'wma',
        'wax',
        'mka',
    );

    foreach ($audioKeys as $audioKey) {
        unset($mimes[$audioKey]);
    }

    return $mimes;
}
|---|
| 38 | |
|---|
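/**
 * Check if we have received a junk request, based on file extension.
 *
 * An extension counts as junk when it equals one of the keys of the list
 * returned by wp_get_mime_types(), or one of the pipe-separated alternatives
 * inside such a key (e.g. 'jpeg' for the key 'jpg|jpeg|jpe'). The comparison
 * is case-insensitive on the supplied extension and always matches a whole
 * alternative, never a fragment of one.
 *
 * Use the 'wp_is_bad_request_extensions' filter to add or remove file
 * extensions from that list.
 *
 * Use the 'wp_is_bad_request' filter to return the boolean value of a custom evaluation.
 *
 * As a 'best practice', plugin developers should utilize this function as a
 * way to prevent running plugin code unnecessarily.
 *
 * @author Robert D Payne <rpayne@rdptechsolutions.com>
 *
 * @param string $extension Extension of requested file
 * @return bool True if the HTTP request is considered junk, false otherwise
 */
function wp_is_bad_request($extension) {
    $isBad = false;

    // The extension normally originates from the request, so treat it as
    // untrusted: ignore non-scalar values instead of passing them to strtolower().
    if (is_scalar($extension) && !empty($extension)) {
        $ext   = strtolower((string) $extension);
        $mimes = apply_filters('wp_is_bad_request_extensions', wp_get_mime_types());

        // A filter callback may hand back something that is not an array.
        if (is_array($mimes)) {
            foreach (array_keys($mimes) as $key) {
                // Compare against each whole alternative. The earlier substring
                // test (strpos) classified fragments such as 'p' or 'pe' as junk
                // because they occur inside 'jpg|jpeg|jpe'.
                if (in_array($ext, explode('|', (string) $key), true)) {
                    $isBad = true;
                    break;
                }
            }
        }
    }

    return apply_filters('wp_is_bad_request', $isBad);
}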
|---|
| 73 | |
|---|
// Ad-hoc check: classify the 'wav' extension and dump the result to the output.
// This is a debugging aid; var_dump() writes straight into the response, so it
// should not stay in a file that is reachable from the web.
$isBad = wp_is_bad_request('wav');

var_dump($isBad);
|---|
| 77 | |
|---|